SmartphoneKey API Documentation
API reference for the SmartphoneKey B2C API — secure, app-free access control for multifamily properties and short-term rentals using Apple Wallet and Google Wallet.
Overview
SmartphoneKey provides secure, app-free access control for multifamily properties and short-term rentals. Residents and guests unlock doors using digital keys stored in Apple Wallet or Google Wallet — no app download required.
This documentation covers the B2C API — the backend that manages users, locks, keys, and access control operations.
For partner integrators
If you're integrating an external system to receive SmartphoneKey events:
- Sign in to the Partner Portal for your environment to get your API key and configure your webhook URL.
- Implement an HTTPS endpoint that accepts POST requests and returns 2xx — see Webhooks.
- Keep your API key secret; rotate it from the dashboard if needed.
For the full self-service flow see Partner Onboarding.
API Reference
The full API reference is auto-generated from our OpenAPI specification and kept up to date by CI on every production deploy.
Browse the endpoints in the API Reference tab above.
OpenAPI schema (live, per environment — use to generate clients or explore in Postman / Swagger UI):
- Development: b2c-api.spk-dev.workers.dev/openapi.json
- Production: b2c-api.spk-prod.workers.dev/openapi.json
Environments
| Environment | Base URL |
|---|---|
| Production | https://api.spkey.co |
| Staging | https://b2c-api.spk-stage.workers.dev |
| Development | https://b2c-api.spk-dev.workers.dev |
Authentication
The API uses JWT-based authentication. Include a Bearer token in the Authorization header:
Authorization: Bearer <your-jwt-token>
B2B integrations use API keys via the X-API-Key header.